Remarks as prepared for delivery
Thank you, Sean, for your kind introduction. And thank you to CSIS for partnering with us in this conference and for your leadership and innovative thinking on critical policy issues that affect us all. I would like to take a few moments now to reflect on how the National Security Division (NSD) came to be and how, in our first decade, we have strived to achieve our twin aims: protecting the United States against national security threats while safeguarding our core freedoms.
The attacks of September 11, 2001, were heartbreaking not only because of the loss of life—the single largest from a foreign attack on American soil in U.S. history—or because they altered our sense of safety in our homes and workplaces, but also because, in the words of the Report of the National Commission on Terrorist Attacks upon the United States, the “attacks were a shock, but they should not have come as a surprise.” The September 11 attacks caught the United States off guard not because we had no information that such an attack by al Qaeda was likely, but because no one put all the information together, made sense of it and shared it with those who could best act on it.
In the wake of this tragedy, our growing understanding of the nature of the terrorist threat, both domestically and internationally, led to dramatic changes in the structure of our government. Among those changes, and based on the recommendations of the Commission on the Intelligence Capabilities of the United States Regarding Weapons of Mass Destruction, Congress created the National Security Division in 2006—the Department of Justice’s first new litigating division in nearly 50 years, since the establishment of the Civil Rights Division in 1957. As the WMD Commission recognized, bringing together the department’s national security-related intelligence, policy, and operational functions into one division would create a “single focal point on all national security matters” and would better allow the existing components to “ac[t] in concert to serve [their] common mission”: combatting terrorism and other threats to national security. Perhaps more fundamentally, the attacks of September 11 united the nation and the world against a common enemy and with a shared sense of purpose. At NSD, every day still reflects that powerful sense of unity.
The history of National Security Division’s constituent parts in fact starts much earlier than 2006, or even 2001. The Internal Security Division—now the Counterintelligence and Export Control Section (CES)—was founded as a free-standing division of the Department of Justice in the early years of the Cold War. Largely focused on investigating and prosecuting suspected Soviet agents, the division’s attorneys prosecuted such infamous traitors as the Walker spy ring, Aldrich Ames and Robert Hanssen. Its lawyers also pioneered the use of the Classified Information Procedures Act, which allows the United States to prosecute defendants in national security cases fairly while safeguarding classified information.
In 1991, under the leadership of then-Assistant Attorney General Robert Mueller, the Criminal Division formed the Terrorism and Violent Crimes Section (TVCS)—now the Counterterrorism Section (CTS)—to serve as a focal point for the department’s international and domestic terrorism prosecutions. During its early years, the section handled a number of hijacking and airplane bombing cases and represented the United States’ interests in the Scottish trial arising out of the bombing of Pan Am Flight 103 over Lockerbie, Scotland. In the ensuing years, TVCS continued to grow in response to new statutory tools enacted in the wake of the First World Trade Center bombing in 1993 and the Oklahoma City bombing in 1995. TVCS also assisted the State Department in the first round of designations of foreign terrorist organizations in 1997, the initial step toward our current regime for prosecuting the crime of providing material support to terrorists.
And finally, the Office of Intelligence and Policy Review (OIPR)—the predecessor to NSD’s Office of Intelligence (OI)—was created to implement the intelligence collection regime of the Foreign Intelligence Surveillance Act (FISA). FISA was enacted in 1978 in the wake of the Church Committee’s revelation that parts of the Intelligence Community had infringed upon the civil liberties of the citizens it was supposed to protect. The abuses catalogued by the committee were many, including warrantless break-ins, excessive surveillance of politically “subversive” groups, and indiscriminate opening of citizens’ mail. To address the problems it identified, the Church Committee Report called for oversight of intelligence activity. In response to this need, FISA provided for oversight by all three branches of government, requiring approval of all FISA warrants by the Foreign Intelligence Surveillance Court, searching review by the House and Senate Select Committees on Intelligence and oversight from within the executive branch itself, to be spearheaded by the Attorney General. While ensuring that intelligence collection pursuant to FISA observed both statutory and constitutional limits, OIPR attorneys obtained intelligence collection authorities that enabled critical FBI counterintelligence and counterterrorism investigations.
Drawn from these three chains, OIPR, TVCS and ISS coexisted largely independent of one another within the Department of Justice’s broader umbrella. Because of the then-well accepted legal and cultural “wall” between intelligence collection under FISA and criminal investigations, interactions between OIPR attorneys and lawyers from the Criminal Division and U.S. Attorneys’ Offices were limited. So were contacts between the FBI’s law enforcement agents and their intelligence community counterparts. September 11 forced us to rethink that divide. With the passage of the USA PATRIOT ACT in 2001 and a 2002 decision of the Foreign Intelligence Surveillance Court of Review, the legal wall fell, facilitating the later merger of the department’s national security-focused entities into one division, following the WMD Commission’s critical recommendation.
And so, in 2006, the National Security Division was born. Designed to foster information sharing, coordination and unity of purpose, NSD brings together prosecutors, law enforcement agencies, and the Intelligence Community to respond more effectively to national security threats. And we continue to honor our historical roots: the Church Committee Report and the 9/11 Commission Report are required reading for all new attorneys in the Division.
NSD is comprised of a number of other key offices, beyond CTS, CES, and OI, reflecting its broad mission and the continuing need for greater coordination across government and with our partners abroad: the Foreign Investment Review Staff, drawn originally from both the Criminal Division’s Computer Crime and Intellectual Property Section and the Office of the Attorney General, supports the department’s participation on the Committee on Foreign Investments in the United States, among other functions. The Office of Justice for Victims of Overseas Terrorism works to ensure that American victims of terrorist attacks abroad are supported and given a voice. And the Office of Law and Policy, among its many hats, participates in the interagency national security policy process, provides legal assistance and advice on matters ranging from legislation to cyber threats to international counterterrorism capacity building, and includes the division’s Appellate Unit.
In its first ten years, NSD has demonstrated time and again the wisdom of its founders’ vision: that improved coordination and information sharing leads to better results. Since NSD’s creation, the Department of Justice has convicted more than 340 defendants in federal court for terrorism-related charges. This record of convictions and lengthy sentences we have achieved—and the intelligence we have gained—are testaments to the value of law enforcement in protecting national security. The division has also seen many notable successes in cases involving espionage, the illegal export of military and strategic goods and services, and cyber attacks related to national security.
Beyond the numbers, the division’s commitment to coordination across the government, internationally, and with the private sector has proven vital. NSD has adopted an intelligence-led, threat-driven, whole-of-government approach, in which criminal prosecution is a strong and effective tool, but just one of many the U.S. government may bring to bear. Integrating our policy and intelligence functions with the department’s national security prosecutors has allowed us to take advantage of the full array of legal tools, including sanctions, diplomatic engagements and military options, among others, as we combat threats to our national security.
Early in the division’s history, to provide one example, attorneys from the Office of Intelligence and the Office of Law and Policy were instrumental in the development and implementation of the FISA Amendments Act of 2008, which modernized FISA to permit effective and civil liberties-protective foreign intelligence collection in the digital age. The Office of Intelligence has supported numerous foreign intelligence investigations, as well as criminal prosecutions involving the use of information collected under FISA. And NSD’s counterterrorism prosecutors and attorneys in our Appellate Unit later worked together, along with prosecutors from local U.S. Attorneys’ Offices, to successfully implement the protections in the FISA Amendments Act in multiple criminal cases.
In 2009, we successfully prevented a planned attack on the New York City subway by Najibullah Zazi and his co-conspirators. Externally directed and large scale, this plot resembled the types of terrorist threats we came to expect from al Qaeda and its affiliates. And in 2010, we obtained convictions from 10 individuals who had served as unlawful agents of the Russian Federation.
But halfway through our first decade, the most pressing threats we faced evolved and expanded and so did we. As we worked to neutralize Al-Qaeda in Afghanistan, the threat evolved and expanded to associated groups, like Al-Qaeda in the Arabian Peninsula, Al-Qaeda in the Islamic Maghreb and Al-Shabaab. Today, the threat has metastasized to include increasingly diverse and geographically dispersed groups like ISIL and Boko Haram and the homegrown violent extremists ISIL and other terrorist groups inspire in the United States remain unpredictable and hard to detect. ISIL’s use of the Internet to effectively crowdsource terrorism and the shortened flash to bang time between the initiation of a lone-wolf plot and its execution have presented new challenges for the ability to detect and disrupt potential terrorist attacks. And while much attention has focused on those inspired and directed by al Qaeda and ISIL—and rightly so—we have not lost sight of the domestic terrorism threat posed by other violent extremists motivated by any viewpoint on the full spectrum of hate. We must do both.
Our work combatting the threat posed by foreign terrorist fighters demonstrates the value of NSD’s agile, coordinated efforts to meet a global threat. In the past few years, following the adoption of UN Security Council Resolution 2178, which calls upon the international community to address the foreign-fighter threat, NSD attorneys have worked with more than 20 countries to develop their criminal legislation and effectively investigate and prosecute foreign fighter cases. At home, since late 2013, attorneys in the Counterterrorism Section have helped to publicly charge more than 110 individuals in more than 35 districts for foreign fighter, homegrown violent extremism and ISIL-related conduct.
And as computer crimes have been on the rise, we have refocused our efforts to help deter and disrupt cyber-based attacks on our national security. In 2012, we created the National Security Cyber Specialists (NSCS) Network, a partnership between NSD, the Criminal Division’s Computer Crime and Intellectual Property Section, and U.S. Attorney’s Offices across the country, to combat cyber terrorism and state-sponsored computer intrusions. By linking our components closer together, and looking for opportunities to act, as we did in the unprecedented prosecutions described below, the NSCS Network has been an important part of our whole-of-government effort to deter and disrupt such threats.
In a particularly notable case, in May 2014, NSD, in partnership with the U.S. Attorney’s Office in Pittsburgh, obtained the first indictment of state-sponsored computer hacking and economic espionage, charging five named members of the Chinese People’s Liberation Army based on their theft of trade secrets and other sensitive business information from American companies. Our actions altered the diplomatic dialogue between the United States and China on this critical issue: A little more than a year later, Chinese President Xi Jinping for the first time publicly declared, “China strongly opposes and combats the theft of commercial secrets and other kinds of hacking attacks.” The United States and China agreed that neither country’s government will conduct or knowingly support cyber-enabled theft of intellectual property, including trade secrets or other confidential business information, with the intent of providing competitive advantages to their companies or commercial sectors. And, at the G20 Summit last fall, leaders of the world’s most powerful nations pledged not to conduct or support cyber economic espionage. Now we must work to see that these commitments are honored.
Also in 2014, North Korea-sponsored hackers attacked Sony Pictures Entertainment, damaged its computer systems, stole valuable information and private correspondence and released it at significant cost to the company and its employees. In a matter of mere weeks, through close partnership with Sony and the hard work of the FBI, we publicly named—for the first time—the nation-state responsible for a destructive attack on an American company. Then, less than two months after the attack, the United States imposed additional sanctions on North Korea.
Likewise, we publicly named—and charged—Iranian hackers affiliated with the Islamic Revolutionary Guard Corps for their roles in a campaign of distributed denial of service attacks against the U.S. financial sector and members of the Syrian Electronic Army for conspiracies related to computer hacking. As important as the resolution of these individual cases are, they also promise a larger deterrent for would-be cyber criminals: that we can—and we will—remove the cloak of anonymity. And that no matter where a hacker is located or who he is affiliated with—whether a nation state or terrorist group—we can figure out who did it, we can do so publicly, and we can impose consequences.
Our heightened focus on homegrown violent extremists, foreign fighters and cyber attacks does not mean that we no longer worry about traditional espionage activity or threats from al Qaeda. Far from it. Rather, we have continued to meet those more established threats, while remaining vigilant against the new threats that have arisen in our first decade.
In the next decade, the threats will certainly change again. NSD can and must change with them. In addition to continuing efforts by terrorists to undermine our way of life, we foresee risks posed by data theft, ransomware and other extortion efforts and the increased vulnerabilities of the so-called “Internet of Things.” What is more, already, we are seeing how cyber attacks can blend and blur with real-world terrorist attacks in unexpected ways. In August 2015, ISIL-affiliated hackers publicly released the names, locations, phone numbers and e-mail addresses of more than 1,000 U.S. military and other government personnel for the purpose of encouraging terrorist attacks against them. In a first-of-its-kind case, the Department of Justice charged Ardit Ferizi with a material support violation for providing this stolen information to ISIL. Ferizi was extradited and ultimately pleaded guilty. Deterring and disrupting these kinds of threats will require the sorts of interagency, public-private and international cooperation that is at the core of NSD’s mission.
As we look ahead to the types of new threats we may face, the importance of engagement with the private sector and with the public cannot be overstated. As recognized in the 9/11 Commission’s Tenth Anniversary Report, “national security leaders must communicate to the public—in specific terms—what the threat is, how it is evolving, what measures are being taken to address it, [and] why those measures are necessary.” We have invested significant energy in engaging with various sectors of the economy and sharing information with the public at large to help people and businesses protect themselves from emerging threats. In doing so, we achieve our mission and build relationships of trust and common interest. This will be a critical and ongoing part of our work in the coming years.
I cannot fully express my pride in the accomplishments of the men and women of the National Security Division over the past decade. NSD is a mission-driven team that uses all tools to protect against threats to our national security, while honoring our role in safeguarding our nation’s most precious freedoms. We are committed to working closely with all our partners—from the Intelligence Community to law enforcement, from the private sector here to international partners abroad—to help protect the American people. We will remain vigilant and ever adaptive as we strive to meet the challenges of the next ten years and beyond.